package cn.tedu.knows.portal.security;

import cn.tedu.knows.portal.service.impl.UserDetailsServiceImpl;
import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.context.annotation.ComponentScan;
import org.springframework.context.annotation.Configuration;
import org.springframework.security.config.annotation.authentication.builders.AuthenticationManagerBuilder;
import org.springframework.security.config.annotation.method.configuration.EnableGlobalMethodSecurity;
import org.springframework.security.config.annotation.web.builders.HttpSecurity;
import org.springframework.security.config.annotation.web.configuration.WebSecurityConfigurerAdapter;
import org.springframework.security.core.userdetails.UserDetails;

@Configuration
//启动Spring-Security 提供的权限管理功能
@EnableGlobalMethodSecurity(prePostEnabled = true)
public class SecurityConfig extends WebSecurityConfigurerAdapter {
    //当前类继承WebSecurityConfigurerAdapter
    //能够重写这个父类的方法,这个父类的方法都是用于设置权限管理的
    @Autowired
    private UserDetailsServiceImpl userDetailsService;

    @Override
    protected void configure(AuthenticationManagerBuilder auth) throws Exception {
     auth.userDetailsService(userDetailsService);
    }

    //放行

    @Override
    protected void configure(HttpSecurity http) throws Exception {
      http.csrf().disable()//禁止防跨域攻击功能
              .authorizeRequests()//设置网站的访问及放行规则
              //下面的方法开始指定路径
              .antMatchers("/css/*",
                      "/js/*","/img/**","/bower_components/**",
                      "/login.html","/register.html","/register")
               .permitAll() //上面的路径是全部允许的
               .anyRequest()//除上面之外的路径
               .authenticated()//需要登录在可以访问
               .and()//上面配完了,开始下面的
                .formLogin()//使用表单进行登录
               .loginPage("/login.html")//配置登录是显示的页面
               .loginProcessingUrl("/login")//配置处理登录的路径
               .failureUrl("/login.html?error")//登录失败跳转页面
               .defaultSuccessUrl("/index.html")//登录成功跳转页面
               .and()
               .logout()
               .logoutUrl("/logout")//配置登出的连接
               .logoutSuccessUrl("/login.html?logout");//配置登出的跳转页面
    }
}
